• HiddenLayer555@lemmy.ml
    14 hours ago

    Honestly, if you’re at the point of suspecting that your Linux system is infected, just back everything up, wipe, and reinstall. Make sure to use a known-good computer to make the install disk, and completely wipe the drive before installing rather than using existing partitions.

    People have mentioned Wireshark, which you can use to monitor for suspicious network activity, but IMO for most people this isn’t super helpful because it’s hard to tell what’s suspicious and what’s normal from Wireshark alone without quite a bit of networking/software knowledge. Maybe there’s more user-friendly packet capture software though, something that can string the packets together into their respective connections and summarise key information like the protocol and domain involved.

    QDirStat can visualize the contents of your drive as an interactive map. Might be helpful for finding files that aren’t supposed to be there.

    ClamAV is an open-source antivirus available for Linux, but I don’t know how well it does at actually detecting Linux malware. Seems to be more for people running file/email servers to scan incoming file uploads.
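
The per-connection summary the comment above wishes for, as an added example that is not part of the original comment: it groups per-packet records by remote endpoint and attaches a domain taken from the TLS SNI or from earlier DNS answers. It assumes tab-separated input from Wireshark's CLI, `tshark -r capture.pcap -T fields`, with one `-e` per name in `FIELDS`; the sample packets and addresses are constructed.

```python
from collections import defaultdict

# Column order assumed to match the -e options passed to tshark.
FIELDS = ["ip.src", "ip.dst", "tcp.srcport", "tcp.dstport", "udp.srcport",
          "udp.dstport", "frame.len", "dns.qry.name", "dns.a",
          "tls.handshake.extensions_server_name"]

# Constructed sample, one packet per row (documentation address ranges).
SAMPLE = "\n".join("\t".join(row) for row in [
    ("192.168.1.20", "192.168.1.1", "", "", "40000", "53", "80", "updates.example.org", "", ""),
    ("192.168.1.1", "192.168.1.20", "", "", "53", "40000", "96", "updates.example.org", "203.0.113.7", ""),
    ("192.168.1.20", "203.0.113.7", "51000", "443", "", "", "74", "", "", ""),
    ("192.168.1.20", "203.0.113.7", "51000", "443", "", "", "583", "", "", "updates.example.org"),
    ("203.0.113.7", "192.168.1.20", "443", "51000", "", "", "1400", "", "", ""),
    ("192.168.1.20", "198.51.100.9", "51002", "4444", "", "", "74", "", "", ""),
])

def summarise(text, local_ip):
    """Return one row per remote (ip, port, proto), largest byte count first."""
    ip_names = {}  # remote IP -> name learned from DNS A answers in the capture
    flows = defaultdict(lambda: {"packets": 0, "bytes": 0, "sni": None})
    for line in text.splitlines():
        p = dict(zip(FIELDS, line.split("\t")))
        proto = "tcp" if p["tcp.srcport"] else "udp" if p["udp.srcport"] else None
        if proto is None:
            continue  # not TCP/UDP (e.g. ICMP, ARP): no ports to group on
        if p["dns.a"]:
            for addr in p["dns.a"].split(","):  # tshark joins repeated values with ","
                ip_names[addr] = p["dns.qry.name"]
        # Key on the remote side so both directions land in the same row.
        if p["ip.src"] == local_ip:
            key = (p["ip.dst"], int(p[proto + ".dstport"]), proto)
        else:
            key = (p["ip.src"], int(p[proto + ".srcport"]), proto)
        flow = flows[key]
        flow["packets"] += 1
        flow["bytes"] += int(p["frame.len"])
        flow["sni"] = p["tls.handshake.extensions_server_name"] or flow["sni"]
    rows = [{"remote": ip, "port": port, "proto": proto, "packets": f["packets"],
             "bytes": f["bytes"], "domain": f["sni"] or ip_names.get(ip)}
            for (ip, port, proto), f in flows.items()]
    return sorted(rows, key=lambda r: r["bytes"], reverse=True)

if __name__ == "__main__":
    for row in summarise(SAMPLE, "192.168.1.20"):
        print(row)
```

A row whose `domain` is `None` only means no DNS answer or SNI for that address was seen in the capture; it is a prompt to look closer, not a verdict.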